CVE-2010-4340

Currently unrated

Key Information:

Vendor: Apache
Status: Libcloud
Vendor: CVE Published:; 12 September 2011

Summary

libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.

References

http://mail-archives.apache.org/mod_mbox/incubator-libclo...

mailing-listx_refsource_MLIST

http://wiki.apache.org/incubator/LibcloudSSL

x_refsource_MISC

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 12, 2011